This document describes the parameters for the Redis Enterprise Cluster custom resource
Note this document is auto-generated from code comments. To contribute a change please change the code comments.
- Objects
- ActiveActive
- BundledDatabaseRedisVersions
- BundledDatabaseVersions
- ClusterCertificate
- CmServer
- ContainerTimezoneSpec
- CrdbCoordinator
- CrdbWorker
- ImageSpec
- IngressOrRouteSpec
- LicenseStatus
- MdnsServer
- Module
- OcspConfiguration
- OcspStatus
- PdnsServer
- PersistentConfigurationSpec
- PropagateHost
- RSClusterCertificates
- RedisEnterpriseCluster
- RedisEnterpriseClusterList
- RedisEnterpriseClusterSpec
- RedisEnterpriseClusterStatus
- RedisEnterpriseServicesConfiguration
- RedisOnFlashSpec
- Saslauthd
- Services
- ServicesRiggerConfigurationSpec
- SlaveHA
- StartingPolicy
- StatsArchiver
- UpgradeSpec
- Enums
Field | Description | Scheme | Default Value | Required |
---|---|---|---|---|
method | Used to distinguish between different platforms implementation | IngressMethod | true | |
apiIngressUrl | RS API URL | string | true | |
dbIngressSuffix | DB ENDPOINT SUFFIX - will be used to set the db host ingress . Creates a host name so it should be unique if more than one db is created on the cluster with the same name | string | true | |
ingressAnnotations | Used for ingress controllers such as ha-proxy or nginx in GKE | map[string]string | false | |
Back to Table of Contents |
Field | Description | Scheme | Default Value | Required |
---|---|---|---|---|
version | string | true | ||
Back to Table of Contents |
Field | Description | Scheme | Default Value | Required |
---|---|---|---|---|
dbType | string | true | ||
version | string | true | ||
Back to Table of Contents |
Field | Description | Scheme | Default Value | Required |
---|---|---|---|---|
name | string | true | ||
certificate | string | true | ||
key | string | true | ||
Back to Table of Contents |
Field | Description | Scheme | Default Value | Required |
---|---|---|---|---|
operatingMode | Whether to enable/disable the CM server | OperatingMode | true | |
Back to Table of Contents |
Used to set the timezone across all redis enterprise containers.
Field | Description | Scheme | Default Value | Required |
---|---|---|---|---|
propagateHost | Identifies that container timezone should be in sync with the host. | *PropagateHost | false | |
Back to Table of Contents |
Field | Description | Scheme | Default Value | Required |
---|---|---|---|---|
operatingMode | Whether to enable/disable the crdb coordinator process | OperatingMode | true | |
Back to Table of Contents |
Field | Description | Scheme | Default Value | Required |
---|---|---|---|---|
operatingMode | Whether to enable/disable the crdb worker processes | OperatingMode | true | |
Back to Table of Contents |
Image specification
Field | Description | Scheme | Default Value | Required |
---|---|---|---|---|
repository | The repository (name) of the container image to be deployed. | string | true | |
versionTag | The tag of the container image to be deployed. | string | true | |
digestHash | The digest hash of the container image to pull. When specified, the container image is pulled according to the digest hash instead of the image tag. The versionTag field must also be specified with the image tag matching this digest hash. Note: This field is only supported for OLM deployments. | string | false | |
imagePullPolicy | The image pull policy to be applied to the container image. One of Always, Never, IfNotPresent. | v1.PullPolicy | true | |
Back to Table of Contents |
Field | Description | Scheme | Default Value | Required |
---|---|---|---|---|
method | Used to distinguish between different platforms implementation. | IngressMethod | true | |
apiFqdnUrl | RS API URL | string | true | |
dbFqdnSuffix | DB ENDPOINT SUFFIX - will be used to set the db host ingress . Creates a host name so it should be unique if more than one db is created on the cluster with the same name | string | true | |
ingressAnnotations | Additional annotations to set on ingress resources created by the operator | map[string]string | false | |
Back to Table of Contents |
Field | Description | Scheme | Default Value | Required |
---|---|---|---|---|
licenseState | Is the license expired | string | true | |
activationDate | When the license was activated | string | true | |
expirationDate | When the license will\has expired | string | true | |
shardsLimit | Number of redis shards allowed under this license | int32 | true | |
Back to Table of Contents |
Field | Description | Scheme | Default Value | Required |
---|---|---|---|---|
operatingMode | Whether to enable/disable the Multicast DNS server | OperatingMode | true | |
Back to Table of Contents |
Field | Description | Scheme | Default Value | Required |
---|---|---|---|---|
name | string | true | ||
displayName | string | true | ||
versions | []string | true | ||
Back to Table of Contents |
An API object that represents the cluster's OCSP configuration
Field | Description | Scheme | Default Value | Required |
---|---|---|---|---|
ocspFunctionality | Whether to enable/disable OCSP mechanism for the cluster. | *bool | false | |
queryFrequency | Determines the interval (in seconds) in which the control plane will poll the OCSP responder for a new status for the server certificate. Minimum value is 60. Maximum value is 86400. | *int | false | |
responseTimeout | Determines the time interval (in seconds) for which the request waits for a response from the OCSP responder. Minimum value is 1. Maximum value is 60. | *int | false | |
recoveryFrequency | Determines the interval (in seconds) in which the control plane will poll the OCSP responder for a new status for the server certificate when the current staple is invalid. Minimum value is 60. Maximum value is 86400. | *int | false | |
recoveryMaxTries | Determines the maximum number for the OCSP recovery attempts. After max number of tries passed, the control plane will revert back to the regular frequency. Minimum value is 1. Maximum value is 100. | *int | false | |
Back to Table of Contents |
An API object that represents the cluster's OCSP status
Field | Description | Scheme | Default Value | Required |
---|---|---|---|---|
responderUrl | The OCSP responder url from which this status came from. | string | false | |
certStatus | Indicates the proxy certificate status - GOOD/REVOKED/UNKNOWN. | string | false | |
producedAt | The time at which the OCSP responder signed this response. | string | false | |
thisUpdate | The most recent time at which the status being indicated is known by the responder to have been correct. | string | false | |
nextUpdate | The time at or before which newer information will be available about the status of the certificate (if available) | string | false | |
revocationTime | The time at which the certificate was revoked or placed on hold. | string | false | |
Back to Table of Contents |
Field | Description | Scheme | Default Value | Required |
---|---|---|---|---|
operatingMode | Whether to enable/disable the pdns server | OperatingMode | true | |
Back to Table of Contents |
Specification for Redis Enterprise Cluster persistence
Field | Description | Scheme | Default Value | Required |
---|---|---|---|---|
enabled | Whether to add persistent volume to Redis Enterprise pods | *bool | True | true |
storageClassName | Storage class for persistent volume in Redis Enterprise pods. Leave empty to use the default. If using the default this way, make sure the Kubernetes Cluster has a default Storage Class configured. This can be done by running a kubectl get storageclass and see if one of the Storage Classes' names contains a (default) mark. |
string | true | |
volumeSize | resource.Quantity | true | ||
Back to Table of Contents |
Used to specify that the timezone is configured to match the host machine timezone.
Field | Description | Scheme | Default Value | Required |
---|---|---|---|---|
Back to Table of Contents |
Field | Description | Scheme | Default Value | Required |
---|---|---|---|---|
apiCertificateSecretName | Secret Name/Path to use for Cluster's API Certificate. If left blank, will use certificate provided by the cluster. | string | false | |
cmCertificateSecretName | Secret Name/Path to use for Cluster's CM Certificate. If left blank, will use certificate provided by the cluster. | string | false | |
metricsExporterCertificateSecretName | Secret Name/Path to use for Cluster's Metrics Exporter Certificate. If left blank, will use certificate provided by the cluster. | string | false | |
proxyCertificateSecretName | Secret Name/Path to use for Cluster's Proxy Certificate. If left blank, will use certificate provided by the cluster. | string | false | |
syncerCertificateSecretName | Secret Name/Path to use for Cluster's Syncer Certificate. If left blank, will use certificate provided by the cluster. | string | false | |
Back to Table of Contents |
RedisEnterpriseCluster is the Schema for the redisenterpriseclusters API
Field | Description | Scheme | Default Value | Required |
---|---|---|---|---|
metadata | metav1.ObjectMeta | false | ||
spec | RedisEnterpriseClusterSpec | false | ||
status | RedisEnterpriseClusterStatus | false | ||
Back to Table of Contents |
RedisEnterpriseClusterList contains a list of RedisEnterpriseCluster
Field | Description | Scheme | Default Value | Required |
---|---|---|---|---|
metadata | metav1.ListMeta | false | ||
items | []RedisEnterpriseCluster | true | ||
Back to Table of Contents |
RedisEnterpriseClusterSpec defines the desired state of RedisEnterpriseCluster
Field | Description | Scheme | Default Value | Required |
---|---|---|---|---|
nodes | Number of Redis Enterprise nodes (pods) | int32 | 3 | true |
serviceAccountName | Name of the service account to use | string | RedisEnterpriseCluster's name | false |
createServiceAccount | Whether to create service account | *bool | True | false |
uiServiceType | Type of service used to expose Redis Enterprise UI (https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) | *v1.ServiceType | ClusterIP | false |
uiAnnotations | Annotations for Redis Enterprise UI service | map[string]string | false | |
servicesRiggerSpec | Specification for service rigger | *ServicesRiggerConfigurationSpec | false | |
redisEnterpriseAdditionalPodSpecAttributes | ADVANCED USAGE USE AT YOUR OWN RISK - specify pod attributes that are required for the statefulset - Redis Enterprise pods. Pod attributes managed by the operator might override these settings. Also make sure the attributes are supported by the K8s version running on the cluster - the operator does not validate that. | *v1.PodSpec | false | |
license | Redis Enterprise License | string | Empty string which is a Trial Mode licesne | false |
licenseSecretName | K8s secret or Vault Secret Name/Path to use for Cluster License. When left blank, the license is read from the "license" field. Note that you can't specify non-empty values in both "license" and "licenseSecretName", only one of these fields can be used to pass the license string. The license needs to be stored under the key "license". | string | Empty string | false |
username | Username for the admin user of Redis Enterprise | string | [email protected] | false |
nodeSelector | Selector for nodes that could fit Redis Enterprise pod | *map[string]string | false | |
redisEnterpriseImageSpec | Specification for Redis Enterprise container image | *ImageSpec | the default Redis Enterprise image for this version | false |
redisEnterpriseServicesRiggerImageSpec | Specification for Services Rigger container image | *ImageSpec | the default Services Rigger image for this version | false |
bootstrapperImageSpec | Specification for Bootstrapper container image | *ImageSpec | the default Bootstrapper image for this version | false |
redisEnterpriseNodeResources | Compute resource requirements for Redis Enterprise containers | *v1.ResourceRequirements | 2 CPUs and 4GB memory | false |
bootstrapperResources | Compute resource requirements for bootstrapper containers | *v1.ResourceRequirements | 0.1 CPUs and 128Mi memory | false |
redisEnterpriseServicesRiggerResources | Compute resource requirements for Services Rigger pod | *v1.ResourceRequirements | 0.5 CPU and 0.5GB memory | false |
pullSecrets | PullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ | []v1.LocalObjectReference | empty | false |
persistentSpec | Specification for Redis Enterprise Cluster persistence | PersistentConfigurationSpec | false | |
sideContainersSpec | Specification for a side container that will be added to each Redis Enterprise pod | []v1.Container | empty | false |
extraLabels | Labels that the user defines for their convenience. Note that Persistent Volume Claims would only be labeled with the extra labels specified during the cluster's creation (modifying this field when the cluster is running won't affect the Persistent Volume | map[string]string | empty | false |
podAntiAffinity | Override for the default anti-affinity rules of the Redis Enterprise pods | *v1.PodAntiAffinity | false | |
antiAffinityAdditionalTopologyKeys | Additional antiAffinity terms in order to support installation on different zones/vcenters | []string | false | |
activeActive | Specification for ActiveActive setup. At most one of ingressOrRouteSpec or activeActive fields can be set at the same time. | *ActiveActive | false | |
upgradeSpec | Specification for upgrades of Redis Enterprise | *UpgradeSpec | false | |
podSecurityPolicyName | DEPRECATED PodSecurityPolicy support is removed in Kubernetes v1.25 and the use of this field is invalid for use when running on Kubernetes v1.25+. Future versions of the RedisEnterpriseCluster API will remove support for this field altogether. For migration instructions, see https://kubernetes.io/docs/tasks/configure-pod-container/migrate-from-psp/\n\nName of pod security policy to use on pods | string | empty | false |
enforceIPv4 | Sets ENFORCE_IPV4 environment variable | *bool | False | false |
clusterRecovery | ClusterRecovery initiates cluster recovery when set to true. Note that this field is cleared automatically after the cluster is recovered | *bool | false | |
rackAwarenessNodeLabel | Node label that specifies rack ID - if specified, will create rack aware cluster. Rack awareness requires node label must exist on all nodes. Additionally, operator needs a special cluster role with permission to list nodes. | string | false | |
priorityClassName | Adds the priority class to pods managed by the operator | string | false | |
volumes | additional volumes | []v1.Volume | false | |
redisEnterpriseVolumeMounts | additional volume mounts within the redis enterprise containers | []v1.VolumeMount | false | |
podAnnotations | pod annotations | map[string]string | false | |
podTolerations | Tolerations that are added to all managed pods. for more information: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ | []v1.Toleration | empty | false |
slaveHA | Slave high availability mechanism configuration. | *SlaveHA | false | |
clusterCredentialSecretName | Secret Name/Path to use for Cluster Credentials. To be used only if ClusterCredentialSecretType is vault. If left blank, will use cluster name. | string | false | |
clusterCredentialSecretType | Type of Secret to use for ClusterCredential: vault, kubernetes,... If left blank, will default to kubernetes secrets | string | true | |
clusterCredentialSecretRole | Used only if ClusterCredentialSecretType is vault, to define vault role to be used. If blank, defaults to "redis-enterprise-rec" | string | true | |
vaultCASecret | K8s secret name containing Vault's CA cert - defaults to "vault-ca-cert" | string | false | |
redisEnterpriseServicesConfiguration | RS Cluster optional services settings. Note that when disabling the CM Server service, the cluster's UI Service will be removed from the k8s cluster | *RedisEnterpriseServicesConfiguration | false | |
dataInternodeEncryption | Internode encryption (INE) cluster wide policy. An optional boolean setting. Specifies if INE should be on/off for new created REDBs. May be overridden for specific REDB via similar setting, please view the similar setting for REDB for more info. | *bool | false | |
redisUpgradePolicy | Redis upgrade policy to be set on the Redis Enterprise Cluster. Possible values: major/latest This value is used by the cluster to choose the Redis version of the database when an upgrade is performed. The Redis Enterprise Cluster includes multiple versions of OSS Redis that can be used for databases. | string | false | |
certificates | RS Cluster Certificates. Used to modify the certificates used by the cluster. See the "RSClusterCertificates" struct described above to see the supported certificates. | *RSClusterCertificates | false | |
podStartingPolicy | Mitigation setting for STS pods stuck in "ContainerCreating" | *StartingPolicy | false | |
redisEnterpriseTerminationGracePeriodSeconds | The TerminationGracePeriodSeconds value for the (STS created) REC pods. Note that pods should not be taken down intentionally by force. Because clean pod shutdown is essential to prevent data loss, the default value is intentionally large (1 year). When data loss is acceptable (such as pure caching configurations), a value of a few minutes may be acceptable. | *int64 | 31536000 | false |
redisOnFlashSpec | Stores configurations specific to redis on flash. If provided, the cluster will be capable of creating redis on flash databases. Note - This is an ALPHA Feature. For this feature to take effect, set a boolean environment variable with the name "ENABLE_ALPHA_FEATURES" to True. This variable can be set via the redis-enterprise-operator pod spec, or through the operator-environment-config Config Map. | *RedisOnFlashSpec | false | |
ocspConfiguration | An API object that represents the cluster's OCSP configuration. To enable OCSP, the cluster's proxy certificate should contain the OCSP responder URL. Note - This is an ALPHA Feature. For this feature to take effect, set a boolean environment variable with the name "ENABLE_ALPHA_FEATURES" to True. This variable can be set via the redis-enterprise-operator pod spec, or through the operator-environment-config Config Map. | *OcspConfiguration | false | |
encryptPkeys | Private key encryption - in order to enable, first need to mount ${ephemeralconfdir}/secrets/pem/passphrase and add the passphrase and then set fields value to 'true' Possible values: true/false Note: This is an ALPHA Feature. For this feature to take effect, set a boolean environment variable with the name "ENABLE_ALPHA_FEATURES" to True. This variable can be set via the redis-enterprise-operator pod spec, or through the operator-environment-config Config Map. | *bool | false | |
containerTimezone | Container timezone configuration. While the default timezone on all containers is UTC, this setting can be used to set the timezone on services rigger/bootstrapper/RS containers. Currently the only supported value is to propagate the host timezone to all containers. | *ContainerTimezoneSpec | false | |
ingressOrRouteSpec | Access configurations for the Redis Enterprise Cluster and Databases. Note - this feature is currently in preview. For this feature to take effect, set a boolean environment variable with the name "ENABLE_ALPHA_FEATURES" to True. This variable can be set via the redis-enterprise-operator pod spec, or through the operator-environment-config Config Map. At most one of ingressOrRouteSpec or activeActive fields can be set at the same time. | *IngressOrRouteSpec | false | |
services | Redis-Enterprise-Operator services specifications. | *Services | false | |
Back to Table of Contents |
RedisEnterpriseClusterStatus defines the observed state of RedisEnterpriseCluster
Field | Description | Scheme | Default Value | Required |
---|---|---|---|---|
state | State of Redis Enterprise Cluster | ClusterState | true | |
specStatus | Validity of Redis Enterprise Cluster specification | SpecStatusName | true | |
modules | Modules Available in Cluster | []Module | false | |
licenseStatus | State of the Cluster's License | *LicenseStatus | false | |
bundledDatabaseVersions | Versions of open source databases bundled by Redis Enterprise Software - please note that in order to use a specific version it should be supported by the ‘upgradePolicy’ - ‘major’ or ‘latest’ according to the desired version (major/minor) | []*BundledDatabaseVersions | false | |
ocspStatus | An API object that represents the cluster's OCSP status | *OcspStatus | false | |
Back to Table of Contents |
Field | Description | Scheme | Default Value | Required |
---|---|---|---|---|
mdnsServer | *MdnsServer | false | ||
cmServer | *CmServer | false | ||
statsArchiver | *StatsArchiver | false | ||
saslauthd | *Saslauthd | false | ||
pdnsServer | *PdnsServer | false | ||
crdbCoordinator | *CrdbCoordinator | false | ||
crdbWorker | *CrdbWorker | false | ||
Back to Table of Contents |
RedisOnFlashSpec contains all the parameters needed to configure in order to enable creation of redis on flash databases.
Field | Description | Scheme | Default Value | Required |
---|---|---|---|---|
enabled | Indicates whether RoF is turned on or not. | bool | true | |
flashStorageEngine | The type of DB engine used on flash. Currently the only supported value is "rocksdb", but this will change in the future. | RedisOnFlashsStorageEngine | true | |
storageClassName | Used to identify the storage class name of the corresponding volume claim template. | string | true | |
flashDiskSize | Required flash disk size. | resource.Quantity | false | |
Back to Table of Contents |
Field | Description | Scheme | Default Value | Required |
---|---|---|---|---|
operatingMode | Whether to enable/disable the saslauthd service | OperatingMode | true | |
Back to Table of Contents |
Field | Description | Scheme | Default Value | Required |
---|---|---|---|---|
servicesAnnotations | Global additional annotations to set on service resources created by the operator. | map[string]string | false | |
Back to Table of Contents |
Specification for service rigger
Field | Description | Scheme | Default Value | Required |
---|---|---|---|---|
databaseServiceType | Service types for access to databases. should be a comma separated list. The possible values are cluster_ip, headless and load_balancer. | string | cluster_ip,headless | true |
serviceNaming | string | true | ||
extraEnvVars | []v1.EnvVar | false | ||
servicesRiggerAdditionalPodSpecAttributes | ADVANCED USAGE USE AT YOUR OWN RISK - specify pod attributes that are required for the rigger deployment pod. Pod attributes managed by the operator might override these settings (Containers, serviceAccountName, podTolerations, ImagePullSecrets, nodeSelector, PriorityClassName, PodSecurityContext). Also make sure the attributes are supported by the K8s version running on the cluster - the operator does not validate that. | *v1.PodSpec | false | |
Back to Table of Contents |
Field | Description | Scheme | Default Value | Required |
---|---|---|---|---|
slaveHAGracePeriod | Time in seconds between when a node fails, and when slave high availability mechanism starts relocating shards. If set to 0, will not affect cluster configuration. | *uint32 | 1800 | true |
Back to Table of Contents |
Field | Description | Scheme | Default Value | Required |
---|---|---|---|---|
enabled | Whether to detect and attempt to mitigate pod startup issues | *bool | False | true |
startingThresholdSeconds | Time in seconds to wait for a pod to be stuck while starting up before action is taken. If set to 0, will be treated as if disabled. | *uint32 | 540 | true |
Back to Table of Contents |
Field | Description | Scheme | Default Value | Required |
---|---|---|---|---|
operatingMode | Whether to enable/disable the stats archiver service | OperatingMode | true | |
Back to Table of Contents |
Specification for upgrades of Redis Enterprise
Field | Description | Scheme | Default Value | Required |
---|---|---|---|---|
autoUpgradeRedisEnterprise | Whether to upgrade Redis Enterprise automatically when operator is upgraded | bool | true | |
Back to Table of Contents |
State of the Redis Enterprise Cluster
Value | Description |
---|---|
"PendingCreation" | ClusterPendingCreate means cluster is not created yet |
"BootstrappingFirstPod" | Bootstrapping first pod |
"Initializing" | ClusterInitializing means the cluster was created and nodes are in the process of joining the cluster |
"RecoveryReset" | ClusterRecoveryReset resets the cluster by deleting all pods |
"RecoveringFirstPod" | ClusterRecoveringFirstPod means the cluster entered cluster recovery |
"Running" | ClusterRunning means the cluster's sub-resources have been created and are in running state |
"Error" | ClusterError means the there was an error when starting creating/updating the one or more of the cluster's resources |
"Invalid" | ClusterConfigurationInvalid means an invalid spec was applied |
"InvalidUpgrade" | ClusterInvalidUpgrade means an upgrade is not possible at this time |
"Upgrade" | ClusterUpgrade |
"Deleting" | ClusterDeleting |
"ClusterRecreating" | ClusterRecreating - similar to ClusterRecoveryReset - delete all pods before recreation of the cluster. |
Back to Table of Contents |
Used to distinguish between different platforms implementation
Value | Description |
---|---|
"openShiftRoute" | Routes are only usable in OpenShift |
"ingress" | See https://kubernetes.io/docs/concepts/services-networking/ingress/ |
"istio" | Ingress implemented via Istio |
Back to Table of Contents |
Value | Description |
---|---|
"enabled" | |
"disabled" | |
Back to Table of Contents |
Value | Description |
---|---|
"rocksdb" | |
Back to Table of Contents |
Whether the REC specification is valid (custom resource)
Value | Description |
---|---|
"Invalid" | Specification status invalid |
"Valid" | Specification status valid |
Back to Table of Contents |